Privacy Policy

Welcome to the official website of GoodARCH Technology (Malaysia) (“this website”). This website is operated by GoodARCH Technology Sdn. Bhd (“the Company”). The Company is committed to complying with the Personal Data Protection Act 2010 (PDPA 2010), including the Personal Data Protection (Amendment) Act 2024, and its related regulations—including the Cross-Border Personal Data Transfer Guidelines (CBPDT Guidelines)—and any further supplementary guidelines issued by the Personal Data Protection Commissioner (PDP Commissioner).

Your continued use of our services after updates constitutes your consent to any changes. Please review this policy regularly.

Scope of Application

This Policy governs the collection, processing, use, retention, protection, breach response, and cross-border transfer of personal data via the Company’s websites, domains, services, and applications.

Where a particular service provides its own privacy statement, that statement applies in addition to or instead of this Policy.

Purposes, Methods, and Scope of Data Collection

Purposes include:

Marketing, promotion, and direct marketing (with opt-out rights).
Customer service and management.
E-commerce, billing, accounting, and contractual fulfilment.
Statistical, research, and database management
Compliance with legal or regulatory obligations.

Methods/Sources of collection:

Account registrations, product/service usage, website interactions, event or promotion participation, Cookies, and tracking technologies.

Types of data collected:

Identifiers (e.g., name, email, mobile number).
Transaction/payment details.
IP address and browsing history.
Cookies and tracking information.

Consent and necessity:

Providing personal data is voluntary, but failure to provide required information may limit access to some services.

Security measures:

We implement reasonable technical and organizational safeguards aligned with the PDPA’s Security Principle, including measures required of both data controllers and data processors under the 2025 amendments effective 1 April 2025 .

Data Sharing and Disclosure

We will not share your personal data with external parties unless:

You provide explicit, informed consent.
It is necessary for providing you with the requested products/services, and our partners are bound by confidentiality.
Required by law, regulations, court order, or government authority.
Required to investigate or prevent illegal activity, fraud, or protect public safety.

In the event of a merger, acquisition, or asset transfer. We will notify you and ensure that the successor entity continues to apply appropriate privacy protections.

Your Rights

Under the Malaysian PDPA (including the 2024 Amendment), you have the right to:

Inquire about or request access to your personal data.
Request correction or updates.
Withdraw consent, request cessation of processing, or request deletion (subject to legal retention obligations)
Object to processing for direct marketing.
Request data portability—i.e., have your personal data transferred from one data controller to another—effective June 2025 .

You can make such requests via our contact channels, and we will respond within the statutory timeframes.

Cookies and Tracking Technologies

We use Cookies and similar technologies to enhance your experience.Third-party advertisers may also place Cookies, which are governed by their own privacy policies.You can disable or manage Cookies in your browser settings, though doing so may affect functionality.

Information security

We implement reasonable technical and organizational measures to guard against unauthorized access, misuse, alteration, destruction, or disclosure of personal data.

Due to inherent risks of internet transmission, absolute security cannot be guaranteed, and users bear those risks.

Cross-Border Transfer

In compliance with the updated Section 129 of the PDPA (effective 1 April 2025):

We may transfer your personal data outside Malaysia if one of the following conditions is met.
Substantially similar law in destination jurisdiction, supported by a Transfer Impact Assessment (TIA) .
Adequate level of protection equivalent to the PDPA, also established via TIA or legitimate frameworks .
Your explicit consent, following proper personal data protection notice (detailing third-party recipients and purposes) .
Contractual necessity—transfer is essential to fulfill a contract, with no feasible alternatives .
Legal proceedings—for establishing, exercising, or defending legal claims.
Reasonable grounds—e.g., to prevent harm if consent is impracticable.
Vital interests—e.g., emergencies.

We comply with the CBPDT Guidelines (issued 29 April 2025), ensuring:

Record-keeping of all cross-border transfers (including recipient details, country, data type, purpose, transfer basis, TIA documentation, consent records, etc.) .
Contracts with processors include necessary data protection clauses.
Ongoing compliance monitoring and assessment under CBPDT requirements .

Children’s Data

If you are under 18, you must use this website’s services only with your guardian’s consent.

Self-Protection Measures

Please protect your account and password. Log out after each session to prevent misuse.

Contact information

For inquiries or requests regarding your personal data, contact us:

Email: myservice@goodarch2u.com

Phone: +60-12-3499829

Governing Law and Jurisdiction

This Privacy Policy is governed by Malaysian law. Disputes related to this Policy fall under the exclusive jurisdiction of the Malaysian courts.

The establishment, modification, update and final interpretation rights of this policy belong to the company.
The above policy was announced and took effect on January 1, 2017.

GoodARCH

Good Support

Good Life

Good Healthy

Good Beauty

Good Water

Privacy Policy

Stay in touch

Sign up to stay updated on the newest in GoodARCH

© 2026 GoodARCH Technology Sdn. Bhd. 1207947-A (AJL No. 932180)